---

kind: Job
apiVersion: batch/v1
metadata:
  generateName: compare-pvcs-
  namespace: "{{ namespace }}"
spec:
  completions: 1
  parallelism: 1
  backoffLimit: 0
  template:
    spec:
      containers:
        - name: busybox
          image: gcr.io/distroless/static:debug
          imagePullPolicy: IfNotPresent
          command: ["sh", "-c"]
          args:
            - |
              set -e -o pipefail

              id

              echo "Validating contents: PVC1 -> PVC2"
              find /mnt -type f | \
                xargs sha256sum | \
                sed 's| /mnt/| /mnt2/|g' | \
                grep -v lost+found | \
                sha256sum -c

              echo "Validating contents: PVC2 -> PVC1"
              find /mnt2 -type f | \
                xargs sha256sum | \
                sed 's| /mnt2/| /mnt/|' | \
                grep -v lost+found | \
                sha256sum -c

              echo "... all file contents matched"

              echo "File attributes:"
              find /mnt -exec stat -c "{{ properties_to_verify }}" {} \; | \
                grep -v lost+found | \
                sort | tee /tmp/attributes-mnt
              sed -ri 's|/mnt|/mnt2|' /tmp/attributes-mnt
              find /mnt2 -exec stat -c "{{ properties_to_verify }}" {} \; | \
                grep -v lost+found | \
                sort > /tmp/attributes-mnt2

              echo "Looking for differences:"
              diff /tmp/attributes-mnt /tmp/attributes-mnt2
              echo "... none found"
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
            readOnlyRootFilesystem: true
          volumeMounts:
            - name: tmp
              mountPath: "/tmp"
            - name: pvc1
              mountPath: "/mnt"
            - name: pvc2
              mountPath: "/mnt2"
      restartPolicy: Never
{% if podSecurityContext is defined %}
      securityContext: {{ podSecurityContext }}
{% endif %}
      terminationGracePeriodSeconds: 2
      volumes:
        - name: tmp
          emptyDir:
            medium: Memory
        - name: pvc1
          persistentVolumeClaim:
            claimName: "{{ pvc1_name }}"
        - name: pvc2
          persistentVolumeClaim:
            claimName: "{{ pvc2_name }}"
